• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 440
  • Last Modified:

Connecting a server to two separate internet lines

We have two internet lines, one of which we are planning to use for sending our server backups to an externally hosted server.  The server has two NICs, so would it work if we connect both NICs to our internal network and assign each one a separate default gateway?  I assume we would update the routing table to send the IP requests down the appropriate NIC depending on the destination IP address. Is this the right way to configure this?
0
jpguillebaud
Asked:
jpguillebaud
  • 7
  • 7
1 Solution
 
jpgobertCommented:
What operating system are you using?  Will the second connection be used only for your backup data transfers?  It's never a good idea to try to apply multiple default gateways to a single box...

Can you post back with a quick write-up of your network layout so we can get a better understanding of your situation?

There will be a way to do what you're trying to do but without knowing some details on your layout it'll be hard to give you good suggestions that actually apply to your situation.
0
 
theras2000Commented:
I'm not sure if you're saying you want the backups to go over 1 or 2 paths.  And not sure if you're talking about using a VPN to the backup server.  I'm not a huge network guy, but I understand some and I have some thoughts.

Your machine can only use 1 default gateway at a time.  The whole purpose of a DG is that when a route is not known, it uses that 1 path (not paths).  You can set a DG on each but only one NIC will have the priority.  As an example, you can see this in Windows 7's Network Connections windows by going up to the menu and clicking Advanced, Advanced Settings.

It sounds like you want: 1 LAN, 2 WAN exit points.  You would configure your routers with 2 routes to the destination backup network (1 via each different WAN).  That way, if 1 link fails, it can always try the other one.  With both of your PC's NICs on the same LAN, it won't matter which NIC ends up being used because the router will end up sending the traffic to the preferred WAN anyway.
0
 
jpguillebaudAuthor Commented:
Herewith a diagram showing our network.  As indicated I am connecting one server to two routers at the same time and want to control which internet line to send the requests down. To answer your other question, we are using Windows Server 2012. Network diagram
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
jpgobertCommented:
The easy answer would be to have the two network cards on two different subnets.  Your primary connection would have a default gateway setup like you normally have on a single-homed machine.  For the second NIC you'd need to create a static route using netsh so that the traffic in question would always route out the proper adapter.

Have a look at the following link for details on setting up the route within Windows:  Adding a static route using netsh and route commands
0
 
jpguillebaudAuthor Commented:
Is it possible to have the NICs on the same subnet instead of separate ones?  The reason for this is because we want to be able to switch the default gateway of our own PCs to use the backup line whenever the main line goes down.
0
 
jpgobertCommented:
Technically yes but you're not going to accomplish what you want.

Can you tell me why you want to split the two lines?  Why not use teaming to bond the two NIC ports.  You can still direct the traffic for your backups over the second router  while keeping everything else routing over your main router.  This would actually be the most stable and effective way to make it happen.

What's the available bandwidth on those two internet connections?  Unless it is a Gigabit fiber connection then it really doesn't help you by isolating traffic on the server side to an individual NIC port.  You're much better off teaming the NIC's on the server and just routing your traffic over the two internet connections per your rules.  ...and if you do have teaming setup and you configure things right you'll have the auto-failover function you mentioned earlier so that traffic can route over the secondary connection as needed.

Does this make sense to you?
0
 
jpguillebaudAuthor Commented:
We plan to split the lines so that whenever backups are being sent to the cloud through the new internet line, the other NIC on that server can continue to function at its full bandwidth, and internet connections from the staff computers shouldn't be slowed down by the backups since those connections will continue to use the original internet line.  

What do people normally do in a situation like this?  We did originally try and configure NIC teaming but it proved too troublesome and so we would prefer not to use that as an option.
0
 
jpgobertCommented:
Normally you'd have a firewall/router in place that can support multiple WAN (internet) connections.  In your case, you'd setup the firewall policies and routing rules in that device so that normal internet traffic goes over one connection and any traffic for your backup process would route over the secondary connection.

From what I understand you have in place right now you don't have a single device that both WAN connections are hosted through inside your network.  In that case, you'd need to create the routing rules on your server using netsh.

To be honest it will be easier and better overall if you guys would invest in a firewall router to do this for you... you can pick up a decent unit for < $500 (maybe less).

Do you have any budget dollars available that you can use for this?
0
 
jpguillebaudAuthor Commented:
jpgobert, what you describe doesn't sound like what we are after. You are talking about having one single network connection which sends signals to the appropriate router by means of the routing rules, however we would like to use two separate NIC connections on the server so that the full bandwidth of each NIC is available for each connection, i.e. 1Gbps for backups and 1Gbps for internet traffic, instead of sharing 1Gbps across the two connections. Is this possible?
0
 
jpgobertCommented:
It is... you'll just have to add a static route to the server... tell me this, will the two internal IP addresses of the routers for the internet connections be on the same subnet?

Let me know and I'll reply with a sample route command.
0
 
jpguillebaudAuthor Commented:
Yes, we are planning to assign the IP addresses of the routers on the same subnet so we can easily switch over from one to the other on the staff computers if one of the two internet lines goes down.  

I have just read that the way to do this is to leave the "default gateway" blank for both  TCP/IP configurations and use NETSTAT to create the necessary routes - we would create a route which sends packets destined for the IP address of the backup server to send them down the new internet line and route all other destinations down the other line.
0
 
jpguillebaudAuthor Commented:
PS - I mean "NETSH" not netstat of course!
0
 
jpgobertCommented:
I wouldn't leave it blank...

Ok, let's say the two internet connections are:
192.168.1.1 - General internet connection

192.168.1.2 - Dedicated to backups

Your server's NIC's are:
Interface #1: 192.168.1.100
Interface #2: 192.168.1.101

The IP that your backup traffic is going to is 200.1.1.1

So given the values above, we'd configure server interface 1 with a default gateway address of 192.168.1.1.  Interface #2 wouldn't have a default gateway... leave it blank.

Once those are setup, open a command prompt window and run the following command:

route add 200.1.1.1 255.255.255.255 192.168.1.2 metric 1 IF 2

That command tells Windows that traffic going to 200.1.1.1 will route through 192.168.1.2 using interface #2.

This will do what you're looking for.
0
 
jpguillebaudAuthor Commented:
Thanks jpgobert, that is exactly what I was thinking of doing!
0
 
jpgobertCommented:
One thing to be aware of... you need to find the interface numbers for the NIC ports so you can run the route command.

The easiest way to find it is by running:  route print

The first section of the output of that command will be your list of network adapters and the IF numbers are listed there.

Good luck!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now